[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Firewall <-> CUPS
Holger Schletz schrieb:
Your reply did not get posted to the list, so I will answer directly:
Sep 24 11:51:54 ptpp74 kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
220.127.116.11 DST=18.104.22.168 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=19456 DF PROTO=TCP SPT=51782 DPT=631 WINDOW=584
0 RES=0x00 SYN URGP=0 OPT (020405B40402080A0DEBEA270000000001030301)
But I cannot interpret what is going on.
It means that the machine 22.214.171.124 (SRC=...) tried to open a TCP
connection (PROTO=TCP) to your machine (DST=126.96.36.199) on port 631
(DPT=631). The source address is not identical to the address you specified
in your firewall config (188.8.131.52). Is this a typo?
I know for sure that the CUPS server is 184.108.40.206. But even if I
change the configuration to
FW_TRUSTED_NETS="220.127.116.11,tcp,631" ( The option was spelled
correclty, I have copied it in a uncomplete manner. )
the CUPS printer are not recognised.
BTW, the line W_TRUSTED_NETS="18.104.22.168,tcp,631" is misspelled in your post
(must be "FW_TRUSTED_NETS=...", check your config file.
Check the IP addresses and tell me what you see.
Institute for Theoretical Physics
Dresden University of Technology
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here